On Tue, 16 Jan 2024 20:53:19 +0200
Eli Zaretskii <e...@gnu.org> wrote:

> From: Henrik Carlqvist <hc...@poolhem.se>
> > On Tue, 16 Jan 2024 06:59:30 +0000
> > MIAOW Miao <guoyr_2...@hotmail.com> wrote:
> > > if ((*ep)[nl] == '=' && strncmp (*ep, v->name, nl) == 0)
> >
> > Looking at that line, the rather obvious fix would be to change it to:
> >
> > if (strncmp (*ep, v->name, nl) == 0 && (*ep)[nl] == '=')
> >
> > That way, *ep can be no shorter than having \0 at position nl and
> > accessing that position should not cause any segfault.
>
> But it's less efficient when the (*ep)[nl] == '=' test fails.

Yes, that is true, but to avoid a possible segfault it is necessary to somehow
check that (*ep)[nl] is a valid address. The current fix at
https://savannah.gnu.org/bugs/index.php?65172 also works fine, but also that
fix might be even less efficient as strlen will read every char up to and
including \0 in *ep.

regards Henrik
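
The reordering discussed in this message, as an added example that is not part of the original message and is not GNU make's code: it runs both bounds-safe forms of the test over a constructed environment containing entries shorter than the name being looked up. The function names, the `sample_env` array and the shape of the strlen-guarded variant (written only from the mention of strlen above) are assumptions for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Reordered test from the message: strncmp stops at the first NUL in
   entry, so a result of 0 proves entry holds nl non-NUL bytes (name has
   exactly nl) and entry[nl] is at worst the terminator, never past it. */
static int match_strncmp_first(const char *entry, const char *name, size_t nl)
{
    return strncmp(entry, name, nl) == 0 && entry[nl] == '=';
}

/* Length-guarded form (hypothetical shape, assumed from the message):
   safe as well, but strlen walks the whole entry before any comparison. */
static int match_strlen_guard(const char *entry, const char *name, size_t nl)
{
    return strlen(entry) > nl && entry[nl] == '='
           && strncmp(entry, name, nl) == 0;
}

/* Look up name in a NULL-terminated envp-style array; value or NULL. */
static const char *env_lookup(const char *const *envp, const char *name,
                              int (*match)(const char *, const char *, size_t))
{
    size_t nl = strlen(name);
    for (const char *const *ep = envp; *ep != NULL; ++ep)
        if (match(*ep, name, nl))
            return *ep + nl + 1;   /* skip "NAME=" */
    return NULL;
}

/* Constructed sample environment: short entries, a longer name sharing a
   prefix with "PATH", and an entry with no '=' at all. */
static const char *const sample_env[] = {
    "A=1", "PATHEXT=.exe", "PATH", "PATH=/usr/bin", "MAKEFLAGS=", NULL
};

int main(void)
{
    const char *a = env_lookup(sample_env, "PATH", match_strncmp_first);
    const char *b = env_lookup(sample_env, "PATH", match_strlen_guard);
    return (a && b && a == b && strcmp(a, "/usr/bin") == 0) ? 0 : 1;
}
```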